| 融合宏观与微观的双层威胁分析模型 |
| |
| 作者姓名: | 孙澄 胡浩 杨英杰 张红旗 |
| |
| 作者单位: | 信息工程大学,河南 郑州 450001 |
| |
| 基金项目: | 国家自然科学基金(61902427) |
| |
| 摘 要: | 针对现有威胁分析模型无法兼顾高级安全威胁的宏观发展趋势及微观传播路径的问题,建立了一种双层威胁分析模型TL-TAM。模型上层刻画严重程度由低到高的威胁发展趋势,下层融合技术漏洞攻击、社会工程攻击及网络扫描攻击,刻画威胁传播路径。据此,提出了威胁预测分析算法。实验结果表明,模型能够对威胁传播进行多层面综合分析,并且克服了基于攻击图的威胁分析模型局限于技术漏洞攻击的缺陷,更加适用于高级安全威胁的动态跟踪分析。
|
| 关 键 词: | 双层模型 传播路径 社会工程 网络扫描 |
Two-layer threat analysis model integrating macro and micro |
| |
| Authors: | Cheng SUN Hao HU Yingjie YANG Hongqi ZHANG |
| |
| Affiliation: | Information Engineering University, Zhengzhou 450001, China |
| |
| Abstract: | The existing threat analysis models failed to comprehensively analyze the propagation of advanced security threats integrating the threat development trend and propagation path.In order to solve the problem, a two-layer threat analysis model named TL-TAM was established.The upper layer of the model depicted the threat development trend.The lower layer depicted the threat propagation path considering social engineering and networks can.Based on the model, prediction algorithm of threat development was proposed.The experimental result shows that the model can comprehensively analyze the threat propagation at multiple levels, overcome the defect that the threat analysis model based on attack graph is limited to technical vulnerability attack, and is more suitable for dynamic tracking analysis of advanced security threats. |
| |
| Keywords: | two-layer model propagation path social engineering network scan |
|
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
